Kamoltat [Wed, 1 Mar 2023 20:32:47 +0000 (20:32 +0000)]
pybind/mgr/pg_autoscaler: Reorderd if statement for the func: _maybe_adjust
Problem:
In the func `_maybe_adjust` we have this condition
where `if not p['would_adjust']: continue` which
would get triggered before `if p['pg_autoscale_mode'] == 'warn':`
if we don't have `pg_autoscale_mode` as `on`. This causes:
the autoscaler to not throw any warnings.
Solution:
Move `if p['pg_autoscale_mode'] == 'warn':` to be
higher than `if not p['would_adjust']: continue`.
Tobias Urdin [Mon, 7 Aug 2023 20:34:43 +0000 (20:34 +0000)]
rgw/auth: handle HTTP OPTIONS with v4 auth
This adds code to properly verify the signature
for HTTP OPTIONS calls that is preflight CORS
requests passing the expected method in the
access-control-request-method header.
Rishabh Dave [Mon, 11 Sep 2023 09:55:46 +0000 (15:25 +0530)]
doc/cephfs: write cephfs commands fully in docs
We write CephFS commands incompletely in docs. For example, "ceph tell
mds.a help" is simply written as "tell mds.a help". This might confuse
the reader and it won't harm to write the command in full.
Fixes: https://tracker.ceph.com/issues/62791 Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit e63b573d3edc272d83ee1b5eb3dace037f762d87)
Adds subvolume groups into the subvolume tabs in order to select the subvolumes from the appropiate group.
Also adds the capabilities to manage the subvolume groups of the subvolume in the different actions, create, edit, remove.
Fixes: https://tracker.ceph.com/issues/62675 Signed-off-by: Pedro Gonzalez Gomez <pegonzal@redhat.com>
(cherry picked from commit 041bc0c362bf4109416ecc12bc44aa7496ebb9d1)
Nizamudeen A [Wed, 30 Aug 2023 05:20:30 +0000 (10:50 +0530)]
mgr/dashboard: remove green tick on old password field
a green tick is showing to the field where we enter the old password in
login password change form. It starts showing green tick as soon as we
start typing on it. Removing that because its misleads the user.
Change the sentence structure of a sentence because the verb
"experience" looked like the abstract noun "experience" when I read it
with fresh eyes. I chose the perhaps TESOL-unfriendly verb "incur", but
I believe it is right.
Ilya Dryomov [Fri, 2 Jun 2023 08:18:24 +0000 (10:18 +0200)]
qa/suites/upgrade: enable default RBD image features
Until commit 9fe05da41370 ("Revert "test: adjust rbd test case guards
to handle new defaults""), default RBD image features were enabled only
in Python API tests; C/C++ API tests were still exercising format 1
(6-7 years after its deprecation!).
Enable format 2 with default image features universally across upgrade
suites.
doc/man: remove docs about support for unix domain sockets
doc/man: support for unix domain sockets is not implemented, hence we
removed documentation about it.
(Note: the changes in this commit were the work of Rok Jaklič in
https://github.com/ceph/ceph/pull/48537. This pull request has been
raised because that pull request was for some mysterious reason causing
merge conflicts that were never resolved.)
Co-authored-by: Rok Jaklič rjaklic@gmail.com Signed-off-by: Zac Dover <zac.dover@proton.me>
(cherry picked from commit fa40b7ef560fc60a107dad1604650e0bcf27e77e)
This makes ceph-volume report partitions in inventory.
A partition is a valid device for `ceph-volume lvm prepare`
so we should report them in inventory (when using `--list-all`
parameter).
This functions works for what it is supposed to do:
check if a device is busy.
That being said, this induces a race condition in `get_devices()`
Indeed, it does:
1/ `os.open()` with `(os.O_RDWR | os.O_EXCL)`
2/ `os.close()`
The second call has an effect: it triggers a udev event which causes
systemd-udevd to re-process the device. This seems to be a question of
millisecond but because of this, /sys (sysfs) isn't fully populated as
expected. Given that get_devices() collects a lot of details from sysfs
in a loop, some of these details can be missed.
ceph-volume overall doesn't make decisions based on `is_locked_raw_device()`
This detail is used only for reporting (inventory).
For this reason, dropping this function seems reasonnable.
As a compromise, we can check if the device has partitions and/or a FileSystem
on it.
This adds a new config option 'inventory_list_all' so one can make
the command `ceph orch device ls` report lvm devices too as they are
valid devices that can be used to be prepared as OSDs.
tgfree [Fri, 3 Mar 2023 03:17:59 +0000 (11:17 +0800)]
doc/radosgw: multisite - edit "migrating a single-site"
Add the import step of the section "Migrating a Single-Site Deployment to Multi-Site"
in doc/radosgw/multisite.rst. The field "name" and "api_name" should be matched.
John Mulligan [Wed, 24 May 2023 17:42:26 +0000 (13:42 -0400)]
doc: make instructions to get an updated cephadm common
As discussed in person and over the ceph orch weekly, we want all users
to use a recent supported version of cephadm. Previously, the
instructions only had those downloading cephadm with curl using the
"add-repo" and "install" commands to get a up-to-date cephadm build.
According to ADK we've seen cases of users get "old" distro packages
in the past. Change the instructions so that the "update cephadm" steps
are common after acquiring a "bootstrap copy" of cephadm.
Starting with reef, cephadm is a compiled (zipapp) python application.
The cephadm script has been renamed and thus the old curl-based
download instructions will no loner work. While cephadm still has
no dependencies outside the Python stdlib, this will be changed in
future versions so it is no longer appropriate to just download the
source file of cephadm and run it either.
This change updates the `Install cephadm` section of the doc to explain
how to acquire a "compiled" version of cephadm as well as:
* moving and tweaking the note that the two installation methods are
distinct
* adding a new note linking to instructions on building cephadm
* moving the distribution-specific installations before the curl-based
installation to subtly hint that we prefer you to get it using
packages if you can
* Noting cephadm's minimal required python verision and how to run it
with a particular python version.
Adam King [Tue, 1 Aug 2023 21:43:36 +0000 (17:43 -0400)]
mgr/cephadm: filter hosts that can't support VIP for ingress
Keepalive daemons need the host to have an interface
on which they can set up their VIP. If a host
does not have any interface that can work, we should
filter it out
Adam King [Tue, 1 Aug 2023 20:32:06 +0000 (16:32 -0400)]
mgr/cephadm: select IPs/interface based on VIP for keepalive conf
We need to make sure the keepalive conf sets
the unicast src and peer IPs to be the ones
in the same subnet as the VIP we're setting up,
as well as specify the correct interface. Otherwise,
the keepalive daemons don't speak to each other
properly and all end up going into MASTER state.
Luis Domingues [Tue, 20 Jun 2023 07:07:57 +0000 (09:07 +0200)]
cephadm: Add parameter to set keepalived's virtual router id
When deploying more than 1 ingress, two instances of keepalived
can be generated with the same virtual_router_id. This commit
adds posibility to change the virtual_router_id of keepalived
from the spec file.
Luis Domingues [Tue, 13 Jun 2023 07:59:35 +0000 (09:59 +0200)]
cephadm: Split multicast interface and unicast_ip in keepalived.conf
When deploying keepalived, cephadm set interface and unicast_src_ip
in keepalived.conf. However, having both options are set, but
if unicast_src_ip is not in the interface set by 'interface',
the instrances of keepalived will not properly commuicate.
This commit makes both options exclusive, and add an option to set
either one or the other. Default is set to 'interface', as it seems
multicast is the default way to deploy keepalived.
Adam King [Wed, 23 Aug 2023 21:24:13 +0000 (17:24 -0400)]
cephadm: fixups for unit tests
These fixes really should be part of the commits
that brought in/changed the tests, but it's
difficult to find the exact commits as part of
this batch backport so I'm doing these minor fixups
in their own commit
John Mulligan [Wed, 12 Jul 2023 14:18:49 +0000 (10:18 -0400)]
pybind/mgr/cephadm: extend haproxy protocol test case
Extend that haproxy protocol test case so that for host1 we exercise the
new logic for gathering known-good IPs for the host and add those to
the ganesha config.
John Mulligan [Tue, 11 Jul 2023 21:07:25 +0000 (17:07 -0400)]
pybind/mgr/cephadm: add all known good IPs for hosts to haproxy list
Fixes: https://tracker.ceph.com/issues/61852
It was discovered that when the primary IP address of hosts managed by
cephadm are not all on the same subnet, then there's a chance that
ganesha will reject haproxy protocol connections.
Expand the list to all valid addresses for the hosts under management
such that we will not reject proxy protocol messages from the hosts
under cephadm management. This method was chosen over more sophisticated
possible approaches because we do not want to complicate the workflow
for the people setting up haxproxy+ganesha and do not want to miss any
possible subtle edge cases by trying to come up with the "perfect" list
of addresses.
John Mulligan [Tue, 11 Jul 2023 20:29:44 +0000 (16:29 -0400)]
pybind/mgr/cephadm: move haproxy client addrs to func
Move the list comprehension that gets the list of IP addresses for the
haproxy_hosts list to a separate function. This is in preparation for
making the logic more complex in a later commit.
Adam King [Fri, 18 Aug 2023 16:32:38 +0000 (12:32 -0400)]
cephadm: have attempt_bind raise up OSErrors
Before it was always converting the OSError to
our self-defined "Error" class. This causes an issue
with the port_in_use function that has special handling
for OSError when the errno is EADDRNOTAVAIL or
EAFNOSUPPORT. Since the error being raised was no
longer an OSError it wasn't being caught and checked
properly in port_in_use.
This has the additional property of being necessary
to check port availability for haproxy on its VIP. If
we fail deployment when EADDRNOTAVAIL is raised, it becomes
difficult to deploy the ingress service. If we deploy
haproxy first it fails because the VIP isn't available
yet (since keepalive isn't up) and it fails saying the port
it wants to bind to is unavailable (specifically EADDRNOTAVAIL).
If we try to deploy keepalive first it fails because it
needs to know the location of the haproxy daemons in
order to build its config file. This has worked in the past
by just having the haproxy fail to bind at first and then
fix itself once the keepalive daemon is deployed. That
no longer works if the haproxy daemon fails to deploy
because cephadm is reporting the port it needs is
unavailable. Since EADDRNOTAVAIL when deploying
haproxy likely means the VIP is not up rather than
something else is taking up the port it needs, fixing
the handling of this allows ingress deployment to
work while also allowing multiple haproxy daemons
on the same host to use the same frontend port
bound to different VIPs.
Adam King [Fri, 11 Aug 2023 18:00:31 +0000 (14:00 -0400)]
mgr/cephadm: only check haproxy frontend_port conflicts on VIP
If we know what IP the frontend_port will be binding
to, we can pass that down through the port_ips mapping
so cephadm will only check if that port on that specific
VIP if in use. This allows multiple haproxy daemons
to be bound to the same port on different VIPs on the
same host.
Note that you still must use a different monitor port
for the two different ingress services as that port
is bound to on the actual IP of the host. Only the
frontend port can be the same for haproxies on the
same host as long as the VIP is different.
Adam King [Fri, 11 Aug 2023 17:35:10 +0000 (13:35 -0400)]
cephadm: support for specifying IP a port will be bound to on
This is mostly for checking for port conflicts.
Currently, we just check if the port is bound to
on any IP on the host. This mechanism should allow
certain daemon types to specify a port -> IP mapping
that will be passed to the cephadm binary. That
mapping will then be used by cephadm to only
check for the port being bound to on that specific
IP rather than any IP on the host. The end result
is we could have daemons bound to the same
port on different IPs on the same node.
It's expected that daemon types will set this
up as part of their prepare_create or generate_config
functions where they may have more info about the
specific IPs and ports they need.
projects / ceph.git / log